Commit 3084c37f authored by Stan Hu's avatar Stan Hu

Perform more redactions in Redis performance bar traces

HMSET and AUTH commands were not properly redacted. This commit
does that and adds a test.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64309
parent db1b15e4
...@@ -37,6 +37,8 @@ end ...@@ -37,6 +37,8 @@ end
module Peek module Peek
module Views module Views
module RedisDetailed module RedisDetailed
REDACTED_MARKER = "<redacted>"
def results def results
super.merge(details: details) super.merge(details: details)
end end
...@@ -57,10 +59,12 @@ module Peek ...@@ -57,10 +59,12 @@ module Peek
end end
def format_command(cmd) def format_command(cmd)
if cmd.length >= 2 && cmd.first =~ /^auth$/i
cmd[-1] = REDACTED_MARKER
# Scrub out the value of the SET calls to avoid binary # Scrub out the value of the SET calls to avoid binary
# data or large data from spilling into the view # data or large data from spilling into the view
if cmd.length >= 2 && cmd.first =~ /set/i elsif cmd.length >= 3 && cmd.first =~ /set/i
cmd[-1] = "<redacted>" cmd[2..-1] = REDACTED_MARKER
end end
cmd.join(' ') cmd.join(' ')
......
# frozen_string_literal: true
require 'spec_helper'
describe Peek::Views::RedisDetailed do
let(:redis_detailed_class) do
Class.new do
include Peek::Views::RedisDetailed
end
end
subject { redis_detailed_class.new }
using RSpec::Parameterized::TableSyntax
where(:cmd, :expected) do
[:auth, 'test'] | 'auth <redacted>'
[:set, 'key', 'value'] | 'set key <redacted>'
[:set, 'bad'] | 'set bad'
[:hmset, 'key1', 'value1', 'key2', 'value2'] | 'hmset key1 <redacted>'
[:get, 'key'] | 'get key'
end
with_them do
it 'scrubs Redis commands', :request_store do
subject.detail_store << { cmd: cmd, duration: 1.second }
expect(subject.details.count).to eq(1)
expect(subject.details.first)
.to eq({
cmd: expected,
duration: 1000
})
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment